re-mbam scan

joe134

Gillor wrote: »

If you download and install WhoCrashed it will analyse the crash dump and should give you a clue as to where the problem lies...

http://www.resplendence.com/whocrashed

Just done this Gillor.
Here's Result;No Dumps.
Dumps enabled.
It won't allow me to paste result??

Sicard

I just tried to install Combofix from 2 different sources but it tells me my system W2000 isn't supported which is a bit strange as I'm W10.

Gillor

^^^

Does this help?

http://www.resplendence.com/whocrashed_dumpnotwritten

joe134

Gillor wrote: »

^^^

Does this help?

http://www.resplendence.com/whocrashed_dumpnotwritten

Not really, bit too techie for me:)
Need to digest it further.
old gray matter not as it was.
I can see where you get it from, at the end of my report:in conclusion

joe134

DavidP24 wrote: »

There are rootkit scanners from ALL the major AV suppliers, if you do not dare risk one go with another.

Of course they will have warnings but honestly most of them are there for their own protection.

If you are that concerned, take an image of your system to an external disk or partition your existing disk, clone and hide backup with Mini Partition Wizard tool. It is always a good idea to separate your data anyway.

All you do is resize the existing partition, create two or three more, so if Windows is taking up 40gb then resize to say 60gb, then leave a gap of 60gb and create new partitions beyond that for data etc.

Then right click Documents, Pictures etc and move your data off the Win Partition to the new ones you just created.

Then run mini partition wizard tool again and clone what will now be a smaller partition. Use the tool to hide the backup you just made, so worst case scenario if you screw up win partition you will be able to copy this one back. It may sound complicated but it is a graphical easy to use tool, you make all your changes but do not apply them till you are ready.

Personally I doubt you even have a rootkit, least you can do is run the alternatives to Malwarebytes

https://www.mcafee.com/ca/downloads/free-tools/rootkitremover.aspx

https://www.bleepingcomputer.com/download/tdsskiller/

https://www.bleepingcomputer.com/download/aswmbr/

https://www.bleepingcomputer.com/download/gmer/

Not to mention the standalone rootkit scanner from MalwareBytes

https://www.bleepingcomputer.com/download/malwarebytes-anti-rootkit/

Cheers David, used aswmbr.
I didn't use Fix MBR, as I wasn't sure of the outcome,due to the warning, but, fix wasn't an option, so assumed all was ok.:).
That's 2 now.
Nothing showing so taking it there's no Rootkit.
Leaving it at that now.
Probably will never know why Mbam rootkit, enabled, causes pc to crash, so, leaving it disabled.
Didn't know there were so many stand alone ones.
Thanks all, appreciate all your help and Advice.:beer:

Gillor

Sicard wrote: »

I just tried to install Combofix from 2 different sources but it tells me my system W2000 isn't supported which is a bit strange as I'm W10.

Combofix doesn't support Windows 8.1 or Windows 10.

joe134

Gillor wrote: »

Combofix doesn't support Windows 8.1 or Windows 10.

Seems my last attempt at finding rootkit has only made my pc worse!
Cannot log on at all now?
Even tried safe mode, nothing, it loads drivers, then just waiting.and waiting.
In normal, wait for ages, blue screen, then black and white,keeps crashing.

edit.
In safe mode now?
all ok now, restored back to earlier point.
Nearly 2 hours to get into safe mode.;
Thought it was Kaput.:-)
that a vast scan must have upset the system, and changed the MBR, although I said no.
Back to normal, only 6 days earlier.

Sicard

Might be worth running a sfc. It won't do any harm and it only takes a few mins.

Gillor

You didn’t use Combofix did you?

Trial and error, and loads of time and patience means is often better to bite the bullet and re-install Windows afresh, especially if you do have a rootkit which will have hooked itself deep and messed up your system. And you can never be sure that bits of it aren't still there anyway.

joe134

Gillor wrote: »

You didn’t use Combofix did you?

Trial and error, and loads of time and patience means is often better to bite the bullet and re-install Windows afresh, especially if you do have a rootkit which will have hooked itself deep and messed up your system. And you can never be sure that bits of it aren't still there anyway.

No, didn't use Combo.No intention.
Might do as you say, one of the days, and do a re-instal.
It's doing a right wobbler today.
Avast AV was turned off, then, it aborted scan at 94%?
I have just spent all morning since 0530, trying to get online, updating avast, scanning, etc.
Good job I have patience, and an I-pad.:)
I still reckon there's something on Pc , hidden deep, that's not supposed to be there?
The things it does at times, gives me the impression, everything I do, goes via a Proxy.
There's always a lag.
Like I said earlier, you get paranoid after a while:eek:
spend more time maintaining pc, than using it.
nowt else to do:rotfl: